In an attention grabbing headline, eMarketer talks about loss of trust, but goes on to indicate that growth in online banking is slowing.  This does not demonstrate loss of trust, rather it shows security concerns are inhibiting growth.  Consumers Losing Trust in Online Banking Adoption of online banking rose just three percent in the end of 2005, according to eMarketer, a research firm that specializes in online trends. The lackluster growth is expected to continue, as online financial dealings jumped just four percent between now and 2010, according to eMarketer. Having got that out of the way, there is no … Continue reading eMarketer says US consumers are losing trust in online banking

NTT DoCoMo annouce their new Series 9 phones, that includes biometric authentication. This has interesting ramifications for online banking, when thinking about validation of customer before they transact.  Wireless banking, by looking at the phone screen is a channel feature that will be prevalent in the next few years, and this type of capability makes it even more secure than PC’s. NTT DoCoMo: Press Releases – DoCoMo to Unveil New Eight FOMA “9 Series” Phones Biometric Authentication requires confirmation of the owner’s fingerprint, facial or voice features prior to accessing most features of the phone. Technorati Tags: online_banking, wireless_banking Continue reading Biometric phones released in Japan

Credit Unions are being attacked more than larger banks in a new trend observed by SecureWorks.  The “weakest link” theory says that criminals will take the easiest approach to stealing money, and they efforts by the big banks to strengthen their security, gives this result. Finextra: Hackers target credit unions SecureWorks’ credit union clients range from large firms – with $500m to billions in assets – to smaller organisations with under $500m in assets. On average, SecureWorks says it blocks 767 attacks per day per credit union client. Jon Ramsey, CTO, SecureWorks, says credit unions are experiencing more Internet attacks … Continue reading The weakest link theory

Jonathan Penn at Forrester makes the point that many US Banks have yet to make the decision on their two factor approach.  Forrester Research: The State Of FFIEC Compliance: Indecision And Worry At the half-way point toward the deadline for FFIEC compliance, most banks have not yet acted on selecting, much less implementing, solutions to strengthen online authentication. I would make the additional observation, that the large banks have made their decisions, and its the smaller ones that (generally) have yet to make the move.  There are some good reasons but not good enough to wait in my view.  In … Continue reading The Deadline for FFIEC compliance looms, yet many have yet to decide

Payments News notes this new survey from Market Platform Dynamics, indicating some interesting preferences amongst the group one would have expected more adoption propensity.  Some scepticism is necessary here, knowing that consumers generally are not good at predicting their own willingness to adopt. Payments News: Consumers Say Mobile Phone As Payment Device “Unnecessary” – May 05, 2006 Key among MPD’s findings is the apparent lack of enthusiasm that Gen X and Y have today for mobile payment technologies. Other highlights noted: Other notable highlights just show that there are many considerations involved in individuals payment choices, and there isn’t much … Continue reading Apparent lack of enthusiasm that Gen X and Y have today for mobile payment technologies

Here is a unique survey of banks around the world, and how they treat log in, and whether they have two factor authentication. This appears to align with this earlier post. Secure Web Bank – WWW Security Tests, Ideas, Prototypes. In order to encrypt login information, the page receiving the information has to use SSL, while the form where the user enters such information does not have to use SSL. However, in this case the user has no way to tell if the login form is "legit" or spoofed. Sadly, many banks no longer offer SSL login forms.Here a quick … Continue reading World survey of Banks, and whether their log in is secure

David describes the customer experience, as Bank of America implements PassMark Security anti-phishing solution. Seems it went smoothly except it wasn't clear to him why he was going through it. Relevance to Bankwatch: The devil is in the details with online banking implementations, and its all about considering the experience at time of click. » Will BofA's SiteKey thwart phishing attempts? | Between the Lines | ZDNet.com The last time I logged into my BoA account, it forced me to do two things.First, I had to pick an image from a large library of images. For example, you can pick … Continue reading Customer description of Bank of America sitekey (Passmark)

RSA has simplified the decision process for Banks entering the two factor game, by now acquiring PassMark, for US $44.7 million. They had already acquired Cyota. This leaves Digital Envoy and their product suite. In addition, DE have their own problems in a lawsuit with Google. RSA Security – Press Release – RSA Security Acquires PassMark Security; Extends Leadership in Protecting Online Identities and Transactions RSA Security Inc. (NASDAQ: RSAS) today announced that it has acquired PassMark Security, Inc. A privately held company based in Menlo Park, PassMark delivers robust software-based authentication to millions of users worldwide, through some of … Continue reading RSA acquires PassMark Security

While its true these banks are taking a wait and see approach to new two factor autnetication software such as PassMark, or Digital Envoy, I believe the reason is not as suggested in this article. Banks tread warily over two-factor security But the need to introduce such additional security is still not clear-cut for banks, as they balance their reputation and customer convenience against the risk of fraud that is posed by their existing security arrangements. And, for now, the number of UK banks adopting a wait-and-see approach far outstrips those taking decisive action, with Abbey, Barclays, the Co-operative Bank, … Continue reading UK Banks wait on the sidelines relative to mass two factor authentication